Configuring a Fallback Policy with MAC Filtering and Web Authentication

Information About Fallback Policy with MAC Filtering and Web
Authentication

You can configure a fallback
policy mechanism that combines Layer 2 and Layer 3 security. In a scenario
where you have both MAC filtering and web authentication implemented, when a
client tries to connect to a WLAN using the MAC filter (RADIUS server), if the
client fails the authentication, you can configure the authentication to fall
back to web authentication. When a client passes the MAC filter authentication,
the web authentication is skipped and the client is connected to the WLAN. With
this feature, you can avoid disassociations based on only a MAC filter
authentication failure.

Restrictions

Mobility is not supported for SSIDs with security type configured for Webauth on MAC filter failure.

MAC filtering does not support passthrough web-authentication. It supports only username and password for web-authentication.

Mobility is not supported for SSIDs with security type configured for
Webauth on MAC filter failure.